The Post-Incident Guide


Identify incident data

The first step is to collect incident data. Think of what data sources will give you contextual information to help you get started with your incident; chat transcripts, organizational charts, information about those individuals involved in the incident. Contextual information is the relevant background needed to make sense of the event. Things like: what teams are participants on? How long have they been at the organization? Who do they typically work with? What systems do they typically work on? How long have they been on-call for these systems? You may already be collecting this information in a document, pasting it into a Jira ticket, or keeping old-school printouts.

It’s common for incident data to be spread across multiple communication chat channels. Take a look at the main incident channel and keep track of key players and their roles. Scan any potentially relevant channels (shared user or on-call channels, general company channels, or specific component channels) to see if the incident is mentioned or search using keywords/ticket numbers. If you find something, make a note of the channel, and capture relevant messages.

Promote positive change in your organization. And the industry.